lordlundar Posted December 18, 2012 Posted December 18, 2012 NOTE: THIS IS NOT A "TEKKIT VS. FTB" THREAD PLEASE DON'T TURN IT INTO ONE Those who use FTB might have already noticed this, but for those who didn't, there was a problem with the FTB launcher which caused Minecraft passwords to be publicly available. Details are here. If you think you might be affected please go to Minecraft.net and change your password.
Jorcer Posted December 18, 2012 Posted December 18, 2012 NOTE: THIS IS NOT A "TEKKIT VS. FTB" THREAD PLEASE DON'T TURN IT INTO ONE Those who use FTB might have already noticed this, but for those who didn't, there was a problem with the FTB launcher which caused Minecraft passwords to be publicly available. Details are here. If you think you might be affected please go to Minecraft.net and change your password. ...Why the heck would you post this here? Go to the FTB forums...
Xylord Posted December 18, 2012 Posted December 18, 2012 ...Why the heck would you post this here? Go to the FTB forums... This is a pretty big issue. Odds are that there are some FTB users that still lurk more around here than in the FTB forums. I think it would be safe to say that everybody who could be concerned should know about it.
Jorcer Posted December 18, 2012 Posted December 18, 2012 This is a pretty big issue. Odds are that there are some FTB users that still lurk more around here than in the FTB forums. I think it would be safe to say that everybody who could be concerned should know about it. But the issue only occurred on the FTB forums if you posted a log over there.
freakachu Posted December 18, 2012 Posted December 18, 2012 But the issue only occurred on the FTB forums if you posted a log over there. if you posted a log anywhere from the FTB launcher it occurred, it sounds like. this may not be the FTB forums, but with an issue like this you can't have too much coverage when you're trying to get the word out. account security is serious business, even in minecraft.
V00doocat Posted December 18, 2012 Posted December 18, 2012 As far as I can make out the only people affected are those who pasted an error to pastebin (edit: or anywhere) concerning failed login and such fro the console. Regular users of FTB launcher seem to be unaffected. That said though It's never a bad thing to change you password now and then anyway. Thx for the heads up lordlundar.
Xylord Posted December 18, 2012 Posted December 18, 2012 But the issue only occurred on the FTB forums if you posted a log over there. My understanding was that your personal information was inadvertently recorded in your launcher log due to a bug. Say, if you copy-pasted this log, your account could be easily pirated by someone aware of the bug. So, let's say Bobby makes a bug report on the FTB forums. He keeps playing FTB, but doesn't really go in the forums, he's more on the Technic forums. His account could have been hacked, and he wouldn't receive this warning.
Jorcer Posted December 18, 2012 Posted December 18, 2012 Fair nuff. Re-reading my response is likely going to be read with a more serious tone than I meant. Sorry about that, and I agree it is important to get this out. Again, we need a bashful smiley...
slektomper Posted December 18, 2012 Posted December 18, 2012 this thread seems like its very well behaved given the subject in question, lets just hope it stays that way. on topic, im glad this is pasted in many places, give people the chance to know about it, and do something about it. I have to say well done to the FTB team for not just hiding away from the issue, and possibly causing their users some very serious issues. they have it out in the open and give people the chance to fix it, this is the way it should be done IMO.
V00doocat Posted December 18, 2012 Posted December 18, 2012 I play on a tekkit server. But I have tried out the FTB launcher and several of it's packs and maps. And I would hope that anyone who has passed an opinion on it has tried it too. Last time I checked we are part of the minecraft modded community. (Even if we are the ones people cross the street to avoid.) When stuff like this happens info needs to flow freely and rapidly. No one wants the repeats of big company names sitting on info like this for weeks. Thankfully people have learnt from the mistakes of others about keeping this sort of thing quiet. Just one thing though. It say's an earlier version of the launcher was responsible for this. I am pretty confident they acted quickly, but would in these situations always prefer to know when this happened. But I appreciate a post was probably put together in a hurry and such info was not left out intentionally.
slektomper Posted December 18, 2012 Posted December 18, 2012 looks like they worked fast to resolve the issues EDIT: we have contacted pastebin and got all pastes removed with the passwords in. hopefully there should be no issues of someone stumbling upon it accidentally
freakachu Posted December 18, 2012 Posted December 18, 2012 unless they used pastie, or any number of other pastebin type websites.
slektomper Posted December 18, 2012 Posted December 18, 2012 unless they used pastie, or any number of other pastebin type websites. i believe the main problem was that their launcher has a "post to pastebin" button, so a lot of people pressed it, but i could be wrong, and they could have removed that in a recent version
freakachu Posted December 18, 2012 Posted December 18, 2012 i believe the main problem was that their launcher has a "post to pastebin" button, so a lot of people pressed it, but i could be wrong, and they could have removed that in a recent version ah, I see. still, the majority != everyone
slektomper Posted December 18, 2012 Posted December 18, 2012 i very much agree, i also agree that it should not have happened under any circumstance, and im not defending what they did, but i am gonna defend how they handled it, they got it sorted quickly and alerted their users, and did everything in their power to try and remove the records from the internet. i fail to see how much more they couldve done (except not let it happen, obviously)
V00doocat Posted December 18, 2012 Posted December 18, 2012 i very much agree, i also agree that it should not have happened under any circumstance, and im not defending what they did, but i am gonna defend how they handled it, they got it sorted quickly and alerted their users, and did everything in their power to try and remove the records from the internet. i fail to see how much more they couldve done (except not let it happen, obviously) I am pretty sure they sorted it quickly as well... But in truth none of us know that for sure, as none of us know when this happened. All we know is "an earlier launcher" was responsible. Not trying to make something out of nothing here but for all we know an earlier launcher could of been weeks ago. (not that I think it was) This is why I think it's important to give a full timeline when announcing things like this. Example: Is someone who made a paste of a login error 10 days ago at risk or do they have nothing to worry about ? At the moment such speculation only exists because of lack of an honest timeline. As I said in a previous post I don't think that info was left out for any sinister reasons but I think it's valid information. Edit: the quote actually says "recent" rather than "earlier". But my point still stands.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now